Prerequisites
It is recommended, but not required, that students have the following knowledge and skills before attending this course:
- CCNA Basic Cisco IOS Software switch and router configuration skills
- CCNA Routing and Switching Certification
- CCNA Security Certification
Course Content
This lab-intensive training course prepares you to hit the ground running as an entry-level security analyst team member. The course combines lecture materials and hands-on labs throughout so that you understand cyber security concepts and can recognize specific threats and attacks on your network. It will teach you how a network security operations center (SOC) works and how to begin to monitor, analyze, and respond to security threats within the network. The job role for a security analyst will vary from industry to industry and differ in the private sector versus the public sector.
Upon completing this course, students will have the following knowledge and skills:
- Describe the tools, techniques, and thought processes of an attacker
- Describe the features, functions, and benefits of an SOC
- Identify the common sources used to detect an incident, as well as the actions that should be considered in response
- Perform basic packet capture and packet analysis
- Enable syslog on Cisco devices and perform basic network log analysis
- Discuss the relevance of baselining and some of the most useful steps to be used when deploying a system
- Discuss the policies and roles in the typical SOC, as well as some of the common tools used by SOC members
- Discuss techniques used to identify anomalies and correlate log entries
- Understand techniques used to scope, document, and analyze investigations
- Discuss the methodology behind mitigations
- Discuss documentation and communication during an incident
- Discuss post-incident considerations
Course Outline
- Course Introduction
- Module 1: Attacker Methodology
- Module 2: Defender Methodology
- Module 3: Defender Tools
- Module 4: Packet Analysis
- Module 5: Network Log Analysis
- Module 6: Baseline Network Operations
- Module 7: Incident Response Preparation
- Module 8: Security Incident Detection
- Module 9: Investigations
- Module 10: Mitigations and Best Practices
- Module 11: Communication
- Module 12: Post-Event Activity
Who Should Attend
- This course is designed for technical professionals who need to know how to monitor, analyze, and respond to network security threats and attacks